Researches Find RSA Security Hole

Author: Bradford Schmidt
Published: March 05, 2010 at 1:44 pm
Share

RSA security is the de facto technology used to protect pretty much everything, including web servers and smartphones. Theoretically, it's a bear to bypass, requiring an obscene amount of time and computing power to crack 1,024-bit private keys. The thinking has always been that unless you guess the key, you just aren't breaching the security.

Not so much anymore, at least according to three University of Michigan computer scientists. Turns out that RSA authentication is susceptible to voltage changes applied to the private key holder, Network World is reporting.

Researchers have published a paper showing that by varying current to a secured computer, they were able to figure out a 1,024-bit private key in only 100 hours, without leaving any trace of doing so.

The good news?  They've also published a solution to the problem that involves randomly juggling the private key's digits.

 
 
Read comments on this article, and add some feedback of your own

About this article

Profile image for boneinthefan

Article Author: Bradford Schmidt

Bradford Schmidt is a feature writer at the award-winning newspaper Florida Weekly. He is also a freelance writer and editor that covers food, music and technology. His newspaper columns and features are reprinted on his blog, BradfordSchmidt.com, …

Bradford Schmidt's author pageAuthor's Blog

Article Tags

hacking, RSA, security,
Share: Bookmark and Share

Add your comment, speak your mind

Personal attacks are NOT allowed
Please read our comment policy